Solved

newly created DNS set up to automatically replicate with a dns server at remote site that it doesn't have a connection to

Posted on 2013-10-30
5
472 Views
Last Modified: 2013-10-30
We have a main site with 2 dns 2008r2 servers that replicate to dns/ad servers at remote sites and they have a vpn tunnel to every site.
There are tunnels built via cisco ASA between the sites, but there is not a tunnel between every site.
I added a new DNS to a remote site on server 2003. It automatically generated an NTDS Settings in AD sites and Services to replicated with our main server at the main site but also a dns at the remote site that it does not have a vpn tunnel to. Therefore I am getting replication errors.  I was always told to not mess with the automatically generated ones, so is it okay to delete this?
0
Comment
Question by:jtano
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39612178
You need to create AD sites and service topology as per physical connectvity.It seem you have hub and spoke topology.See below thread how to create the same.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/c92ba0ed-4652-4098-bdcf-8b9f8803c9aa/site-link-bridge?forum=winserverDS
0
 

Author Comment

by:jtano
ID: 39612533
So on the new server I went under Inter site Tansports and under IP where my dafaultIPSITELINK is I clicked to add a new Site link and in this link just put the remote site rr and the main site cc in.  In the default site link I took out the remote rr so it won't try to replicate with the remote site V v. Now I just wait for it to replicate. Does this sound correct?
0
 

Author Comment

by:jtano
ID: 39612548
I guess I should ask if I disable the site link bridge do I need to manually set up the ones that are already replicating correctly ( it is enabled now) or doing the way I said above will that work okay without disabling?
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 39612840
Lets assume you have 4 site Site A/B/C/D and site A is hub site.So the topology will look like this

- Create site for all four site A,SiteB...
- Create site link a below(Add the two sites in each specific connector).
SiteA- SiteB
SiteA-SiteC
SiteA-SiteD
-Disable bridging:http://technet.microsoft.com/en-us/library/cc738789(v=ws.10).aspx
- Ensure that you also create subnets and map to specific.

Once done wait for replication kcc will create the required topology.If you have created any manual connection delete the same as it is not recommended.http://blogs.technet.com/b/markmoro/archive/2011/08/05/you-are-not-smarter-than-the-kcc.aspx
0
 

Author Comment

by:jtano
ID: 39613165
Okay. I was confused becuase it was alrady disabled for IP but it set up a replication to a server it can't reach?  I think its good now thanks for the links they were very helpful.
I set up a new link and deleted the bad one. At least its replicating now.
Thanks
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question